Received: from malur.postgresql.org ([217.196.149.56])
	by arkaria.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.96)
	(envelope-from <pgsql-general-owner+archive@lists.postgresql.org>)
	id 1vQX5V-00APWi-1k
	for pgsql-general@arkaria.postgresql.org;
	Tue, 02 Dec 2025 20:35:06 +0000
Received: from localhost ([127.0.0.1] helo=malur.postgresql.org)
	by malur.postgresql.org with esmtp (Exim 4.96)
	(envelope-from <pgsql-general-owner+archive@lists.postgresql.org>)
	id 1vQX5S-009wSl-17
	for pgsql-general@arkaria.postgresql.org;
	Tue, 02 Dec 2025 20:35:02 +0000
Received: from makus.postgresql.org ([2001:4800:3e1:1::229])
	by malur.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.96)
	(envelope-from <cmt@burggraben.net>)
	id 1vQX5S-009wSc-01
	for pgsql-general@lists.postgresql.org;
	Tue, 02 Dec 2025 20:35:02 +0000
Received: from smtp.burggraben.net ([2a01:4f8:140:510a::3])
	by makus.postgresql.org with esmtps  (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.96)
	(envelope-from <cmt@burggraben.net>)
	id 1vQX5P-002o7U-0n
	for pgsql-general@lists.postgresql.org;
	Tue, 02 Dec 2025 20:35:01 +0000
Received: from elch.exwg.net (elch.exwg.net [IPv6:2001:470:7120:1:21b:21ff:fef0:248b])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(Client CN "elch.exwg.net", Issuer "R13" (not verified))
	by smtp.burggraben.net (Postfix) with ESMTPS id 1313EC00311;
	Tue,  2 Dec 2025 21:34:53 +0100 (CET)
Received: by elch.exwg.net (Postfix, from userid 1000)
	id CB745FE9F7; Tue, 02 Dec 2025 21:34:52 +0100 (CET)
Date: Tue, 2 Dec 2025 21:34:52 +0100
From: Christoph Moench-Tegeder <cmt@burggraben.net>
To: Colin 't Hart <colinthart@gmail.com>
Cc: PostgreSQL General <pgsql-general@lists.postgresql.org>
Subject: Re: wdavdaemon / Microsoft Defender for Endpoint on Linux and slow
 Postgres recovery?
Message-ID: <aS9NbE6fA6aiSK-l@elch.exwg.net>
References: <CAMon-aQz20Mv12T1RNL1T0eaWg-=nqu0WZuwVsh587rKbdf8aA@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
In-Reply-To: <CAMon-aQz20Mv12T1RNL1T0eaWg-=nqu0WZuwVsh587rKbdf8aA@mail.gmail.com>
User-Agent: Mutt/2.2.16 (2025-11-22)
List-Id: <pgsql-general.lists.postgresql.org>
List-Help: <https://lists.postgresql.org/manage/>
List-Subscribe: <https://lists.postgresql.org/manage/>
List-Post: <mailto:pgsql-general@lists.postgresql.org>
List-Owner: <mailto:pgsql-general-owner@lists.postgresql.org>
List-Archive: <https://www.postgresql.org/list/pgsql-general>
Archived-At: <https://www.postgresql.org/message-id/aS9NbE6fA6aiSK-l%40elch.exwg.net>
Precedence: bulk

## Colin 't Hart (colinthart@gmail.com):

> I wonder if anyone here has any experience with configuring exclusions so
> that the WAL files can be processed faster?

https://learn.microsoft.com/en-us/defender-endpoint/linux-exclusions
mind this:
https://learn.microsoft.com/en-us/defender-endpoint/linux-exclusions#supported-exclusion-scopes
and work from these examples (if you're allowed to):
https://learn.microsoft.com/en-us/defender-endpoint/linux-exclusions#example-3-add-or-remove-a-folder-exclusion

> Any advice on what to communicate with their IT department about using this
> on their database servers? I've never encountered it on Linux before...

"Be glad it only slows your database down. All too often, AV/Endpoint
Protection Products just don't like the access pattern and eat your
database for breakfast." There is this joke "it has been 0 days since
Anti-Virus ate a database".

Regards,
Christoph

-- 
Spare Space